// various spam checks, to be replaced with new rule engine public static async Task <string> PreAddSubmissionCheck(Message submissionModel, HttpRequestBase request, string userName, Subverse targetSubverse, Func <HttpRequestBase, Task <bool> > captchaValidator) { // TODO: reject if a submission with this title was posted in the last 60 minutes // check posting quotas if user is posting to subs they do not moderate if (!UserHelper.IsUserSubverseModerator(userName, submissionModel.Subverse)) { // reject if user has reached global daily submission quota if (UserHelper.UserDailyGlobalPostingQuotaUsed(userName)) { return("You have reached your daily global submission quota."); } // reject if user has reached global hourly submission quota if (UserHelper.UserHourlyGlobalPostingQuotaUsed(userName)) { return("You have reached your hourly global submission quota."); } // check if user has reached hourly posting quota for target subverse if (UserHelper.UserHourlyPostingQuotaForSubUsed(userName, submissionModel.Subverse)) { return("You have reached your hourly submission quota for this subverse."); } // check if user has reached daily posting quota for target subverse if (UserHelper.UserDailyPostingQuotaForSubUsed(userName, submissionModel.Subverse)) { return("You have reached your daily submission quota for this subverse."); } } // verify recaptcha if user has less than 25 CCP var userCcp = Karma.CommentKarma(userName); if (userCcp < 25) { bool isCaptchaCodeValid = await captchaValidator(request); if (!isCaptchaCodeValid) { // TODO: SET PREVENT SPAM DELAY TO 0 return("Incorrect recaptcha answer."); } } // if user CCP or SCP is less than -50, allow only X submissions per 24 hours var userScp = Karma.LinkKarma(userName); if (userCcp <= -50 || userScp <= -50) { var quotaUsed = UserHelper.UserDailyPostingQuotaForNegativeScoreUsed(userName); if (quotaUsed) { return("You have reached your daily submission quota. Your current quota is " + Settings.DailyPostingQuotaForNegativeScore + " submission(s) per 24 hours."); } } // check if subverse has "authorized_submitters_only" set and dissalow submission if user is not allowed submitter if (targetSubverse.authorized_submitters_only) { if (!UserHelper.IsUserSubverseModerator(userName, targetSubverse.name)) { return("You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization."); } } // null is returned if all checks have passed return(null); }
// add new submission public static async Task <string> AddNewSubmission(Message submissionModel, Subverse targetSubverse, string userName) { using (var db = new voatEntities()) { // LINK TYPE SUBMISSION if (submissionModel.Type == 2) { // strip unicode if title contains unicode if (ContainsUnicode(submissionModel.Linkdescription)) { submissionModel.Linkdescription = StripUnicode(submissionModel.Linkdescription); } // reject if title is whitespace or < than 5 characters if (submissionModel.Linkdescription.Length < 5 || String.IsNullOrWhiteSpace(submissionModel.Linkdescription)) { return("The title may not be less than 5 characters."); } // make sure the input URI is valid if (!UrlUtility.IsUriValid(submissionModel.MessageContent)) { // ABORT return("The URI you are trying to submit is invalid."); } // check if target subvere allows submissions from globally banned hostnames if (!targetSubverse.exclude_sitewide_bans) { // check if hostname is banned before accepting submission var domain = UrlUtility.GetDomainFromUri(submissionModel.MessageContent); if (BanningUtility.IsHostnameBanned(domain)) { // ABORT return("The hostname you are trying to submit is banned."); } } // check if user has reached daily crossposting quota if (UserHelper.DailyCrossPostingQuotaUsed(userName, submissionModel.MessageContent)) { // ABORT return("You have reached your daily crossposting quota for this URL."); } // check if target subverse has thumbnails setting enabled before generating a thumbnail if (targetSubverse.enable_thumbnails) { // try to generate and assign a thumbnail to submission model submissionModel.Thumbnail = await ThumbGenerator.ThumbnailFromSubmissionModel(submissionModel); } // flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode if (targetSubverse.anonymized_mode) { submissionModel.Anonymized = true; } else { submissionModel.Name = userName; } // accept submission and save it to the database submissionModel.Subverse = targetSubverse.name; submissionModel.Likes = 1; db.Messages.Add(submissionModel); await db.SaveChangesAsync(); } else // MESSAGE TYPE SUBMISSION { // strip unicode if submission contains unicode if (ContainsUnicode(submissionModel.Title)) { submissionModel.Title = StripUnicode(submissionModel.Title); } // reject if title is whitespace or less than 5 characters if (submissionModel.Title.Length < 5 || String.IsNullOrWhiteSpace(submissionModel.Title)) { return("Sorry, submission title may not be less than 5 characters."); } // flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode if (targetSubverse.anonymized_mode) { submissionModel.Anonymized = true; } else { submissionModel.Name = userName; } // grab server timestamp and modify submission timestamp to have posting time instead of "started writing submission" time submissionModel.Subverse = targetSubverse.name; submissionModel.Date = DateTime.Now; submissionModel.Likes = 1; db.Messages.Add(submissionModel); if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPreSave)) { submissionModel.MessageContent = ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPreSave, submissionModel); } await db.SaveChangesAsync(); if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPostSave)) { ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPostSave, submissionModel); } } } // null is returned if no errors were raised return(null); }